'Iranian cyber army' hits Twitter

Grabs of the hacked page were circulated online

Twitter has been hit by an embarrassing security breach.

A group claiming to be the Iranian Cyber Army managed to redirect Twitter users to its own site displaying a political message.

Twitter said the attack had been carried out by getting at the servers that tell web browsers where to find particular sites.

The site said it would start an investigation into what allowed the "unplanned downtime" to take place.

Address books

Twitter was hit by the security breach at 2200 PCT (0600 GMT) which led to users being redirected to a page showing a message declaring it had been hacked by the Iranian Cyber Army.

It showed an image of Farsi text overlaid on a green flag carrying the name of the third Shi'i Imam, Imam Husayn.

It also included a poem in Persian which said: "We shall strike if the leader orders, we shall lose our heads if the leader wishes."

Also included were the words: "Those that wage fight on the path of God win."

Some have suggested the attack is retaliation over the use made of Twitter during protests surrounding the Iranian election.

Soon after the images appeared Twitter went offline. About an hour later the site came back to life and appeared to be working normally.

A post on the Twitter status blog said: "We are working to recovery from an unplanned downtime and will update more as we learn the cause of this outage."

Later, Twitter admitted that its DNS records had been "temporarily compromised". It said it was looking into what happened.

THIS SITE HAS BEEN HACKED BY IRANIAN CYBER ARMY iRANiAN.CYBER.ARMY@GMAIL.COM U.S.A. Think They Controlling And Managing Internet By Their Access, But THey Don't, We Control And Manage Internet By Our Power, So Do Not Try To Stimulation Iranian Peoples To.... NOW WHICH COUNTRY IN EMBARGO LIST? IRAN? USA? WE PUSH THEM IN EMBARGO LIST Take Care. Twitter hack text

DNS, the Domain Name System, acts as the address books for the internet. It tells browsing software where to find the computers hosting a particular webpage.

By attacking the DNS servers the hackers were able to re-direct Twitter users.

"These changes mean that when you or I type a website address into our browsers, we are directed not to the real website but to a second site, set up by the hackers, in this case the 'Iranian Cyber Army'," said Rik Ferguson from security firm Trend Micro. "This has the net effect of making it look like, in this example, servers belonging to Twitter were compromised when in reality that was not the case."

Mr Ferguson said such attacks were typically a result of politically motivated hacking or "hacktivism".

However, he added, some cyber criminals also try the ruse using a replica of a website in an attempt to trick people into handing over login details.

The attack is the latest in a series of security embarrassments that Twitter has suffered.

In August, Twitter was offline for two hours as it struggled to cope with an attack aimed at a Russian blogger.

In July many of Twitter's confidential business documents were stolen in a hack attack and published online.

Many spammers and scammers are also targeting the service in a bid to hijack accounts and piggyback on the popularity of some Twitter users.